protos

package
v1.0.0-beta3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 4, 2015 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrInvalidPort = errors.New("port number out of range")
View Source 
var ProtocolNames = []string{
	"unknown",
	"http",
	"mysql",
	"redis",
	"pgsql",
	"thrift",
	"mongodb",
	"dns",
	"memcache",
}

Protocol names

Functions

This section is empty.

Types

type Packet 

type Packet struct {
	Ts      time.Time
	Tuple   common.IpPortTuple
	Payload []byte
}

type PortsConfig added in v1.0.0 

type PortsConfig struct {
	Ports []int
}

Protocol Plugin Port configuration with validation on init

func (*PortsConfig) Init added in v1.0.0 

func (p *PortsConfig) Init(ports ...int) error

func (*PortsConfig) Set added in v1.0.0 

func (p *PortsConfig) Set(ports []int) error

type Protocol 

type Protocol uint16

Protocol identifier. 

const (
	UnknownProtocol Protocol = iota
	HttpProtocol
	MysqlProtocol
	RedisProtocol
	PgsqlProtocol
	ThriftProtocol
	MongodbProtocol
	DnsProtocol
	MemcacheProtocol
)

Protocol constants.

func (Protocol) String 

func (p Protocol) String() string

type ProtocolData 

type ProtocolData interface{}

ProtocolData interface to represent an upper protocol private data. Used with types like HttpStream, MysqlStream, etc.

type ProtocolPlugin 

type ProtocolPlugin interface {
	// Called to initialize the Plugin
	Init(test_mode bool, results chan common.MapStr) error

	// Called to return the configured ports
	GetPorts() []int
}

Functions to be exported by a protocol plugin

type Protocols 

type Protocols interface {
	BpfFilter(with_vlans bool) string
	GetTcp(proto Protocol) TcpProtocolPlugin
	GetUdp(proto Protocol) UdpProtocolPlugin
	GetAll() map[Protocol]ProtocolPlugin
	GetAllTcp() map[Protocol]TcpProtocolPlugin
	GetAllUdp() map[Protocol]UdpProtocolPlugin
	Register(proto Protocol, plugin ProtocolPlugin)
}

type ProtocolsStruct added in v1.0.0 

type ProtocolsStruct struct {
	// contains filtered or unexported fields
}

list of protocol plugins 

var Protos ProtocolsStruct

Singleton of Protocols type.

func (ProtocolsStruct) BpfFilter added in v1.0.0 

func (protocols ProtocolsStruct) BpfFilter(with_vlans bool) string

BpfFilter returns a Berkeley Packer Filter (BFP) expression that will match against packets for the registered protocols. If with_vlans is true the filter will match against both IEEE 802.1Q VLAN encapsulated and unencapsulated packets

func (ProtocolsStruct) GetAll added in v1.0.0 

func (protocols ProtocolsStruct) GetAll() map[Protocol]ProtocolPlugin

func (ProtocolsStruct) GetAllTcp added in v1.0.0 

func (protocols ProtocolsStruct) GetAllTcp() map[Protocol]TcpProtocolPlugin

func (ProtocolsStruct) GetAllUdp added in v1.0.0 

func (protocols ProtocolsStruct) GetAllUdp() map[Protocol]UdpProtocolPlugin

func (ProtocolsStruct) GetTcp added in v1.0.0 

func (protocols ProtocolsStruct) GetTcp(proto Protocol) TcpProtocolPlugin

func (ProtocolsStruct) GetUdp added in v1.0.0 

func (protocols ProtocolsStruct) GetUdp(proto Protocol) UdpProtocolPlugin

func (ProtocolsStruct) Register added in v1.0.0 

func (protos ProtocolsStruct) Register(proto Protocol, plugin ProtocolPlugin)

type TcpProtocolPlugin added in v1.0.0 

type TcpProtocolPlugin interface {
	ProtocolPlugin

	// Called when TCP payload data is available for parsing.
	Parse(pkt *Packet, tcptuple *common.TcpTuple,
		dir uint8, private ProtocolData) ProtocolData

	// Called when the FIN flag is seen in the TCP stream.
	ReceivedFin(tcptuple *common.TcpTuple, dir uint8,
		private ProtocolData) ProtocolData

	// Called when a packets are missing from the tcp
	// stream.
	GapInStream(tcptuple *common.TcpTuple, dir uint8, nbytes int,
		private ProtocolData) (priv ProtocolData, drop bool)
}

type UdpProtocolPlugin added in v1.0.0 

type UdpProtocolPlugin interface {
	ProtocolPlugin

	// ParseUdp is invoked when UDP payload data is available for parsing.
	ParseUdp(pkt *Packet)
}

Source Files

View all Source files

Directories

Path Synopsis
The applayer module provides common definitions with common fields for use with application layer protocols among beats.
 The applayer module provides common definitions with common fields for use with application layer protocols among beats.
This file contains the name mapping data used to convert various DNS IDs to their string values.
 This file contains the name mapping data used to convert various DNS IDs to their string values.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.